Количество 2
Количество 2
CVE-2025-28254
11 месяцев назад
Cross Site Scripting vulnerability in Leantime v3.2.1 and before allows an authenticated attacker to execute arbitrary code and obtain sensitive information via the first name field in processMentions().
CVSS3: 5.4
EPSS: Низкий
GHSA-95j3-435g-vjcp
12 месяцев назад
Leantime affected by Improper Neutralization of HTML Tags
CVSS3: 6.5
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-28254 Cross Site Scripting vulnerability in Leantime v3.2.1 and before allows an authenticated attacker to execute arbitrary code and obtain sensitive information via the first name field in processMentions(). | CVSS3: 5.4 | 0% Низкий | 11 месяцев назад |
| GHSA-95j3-435g-vjcp Leantime affected by Improper Neutralization of HTML Tags | CVSS3: 6.5 | 0% Низкий | 12 месяцев назад |
Уязвимостей на страницу
20